[mod_python] req.user always returns None

Mitesh Shah mshah at harpercollege.edu
Mon Feb 9 20:38:03 EST 2009 

Sorry for the confusion.  Well it was initially a CGI and then I learned
about mod_python.  Right now I haven't made any changes to the CGI until
I learn how mod_python works.  And all I need is the username and not
the full name.  When I tried -- os.environ["REMOTE_USER"] -- it never
returned anything.  I think I'm just having a hard time understanding
the logistics of mod_python. 

I call an html and ask for authentication, this should set the cgi
variable but since my python CGI is calling python (#!/usr/bin/python)
separately, I don't think it can access the username from the initial
authentication.

Which brought me mod_python.  Every example I see they change Apache's
httpd.conf to point to the python script. And then this calls
req.get_basic_auth_pw() and req.user and I am able to see the username.
Basically I want the user to authenticate and be presented the html form
and then post to my CGI(or soon mod_python) and then the python script
would then grab the username via req.user.

Thanks for you help so far.

-Mitesh

-----Original Message-----
From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com] 
Sent: Monday, February 09, 2009 7:21 PM
To: Mitesh Shah
Cc: mod_python at modpython.org
Subject: Re: [mod_python] req.user always returns None

2009/2/10 Mitesh Shah <mshah at harpercollege.edu>:
> I will take a look at mod_wsgi.  Anyway, looking at the initial post I
> realized that pw = req.get_basic_auth_pw() came AFTER req.user.  I
don't
> know how many times I had read that this was incorrect and STILL did
> it!!  Anyway, I got it to work with that change.  But this was all
just
> for testing.  But now I realized that I may not be able to use this
with
> what I want to accomplish.
>
> 1) Use apache Authorization via .htaccess (which connects to Active
> Directory) -- Working
> 2) After the user is authenticated I have a form (html) with two
fields
> that posts to a python script. -- partially working (cannot log
> username)

When you say script, what is it implemented as, CGI or mod_python?

If CGI, then user should be available as REMOTE_USER environment
variable. If mod_python then as req.user.

If these don't work then the AD module you are using for
authentication is broken in not setting 'user' in Apache request
structure properly.

> The reason I looked into mod_python was that I am trying to pass the
> user's name from the initial login to my python script.  Any ideas on
> how I could do this?

Or are you after full name of user rather than a log in ID?

Can you clarify a bit.

Graham

> Thanks,
> Mitesh
>
> -----Original Message-----
> From: Graham Dumpleton [mailto:graham.dumpleton at gmail.com]
> Sent: Monday, February 09, 2009 5:35 PM
> To: Mitesh Shah
> Cc: mod_python at modpython.org
> Subject: Re: [mod_python] req.user always returns None
>
> It is the authentication handlers responsibility, directly or
> indirectly, to set req.user, it will not be set before the
> authentication handler is called. Setting it is one of the things that
> a correctly implement authentication handler should do.
>
> For the way you are doing things, req.user will only be set after:
>
>  pw = req.get_basic_auth_pw()
>
> is called. Ie., done as a side effect of that call.
>
> BTW, if you are new to mod_python, you might want to consider instead
> using mod_wsgi, writing your application code as a WSGI application
> and using mod_wsgi's much simpler to understand authentication
> provider hooks where everything is done for you except for validating
> the user credentials. For the latter see:
>
>  http://code.google.com/p/modwsgi/wiki/AccessControlMechanisms
>
> Graham
>
> 2009/2/10 Mitesh Shah <mshah at harpercollege.edu>:
>> I am having some issues trying to req.user to return a username.  I
am
> very
>> new to python and mod_python.  I happened upon this thread:
>>
>>
>>
>> http://osdir.com/ml/python.mod_python/2003-10/msg00092.html regarding
> a
>> similar issue.
>>
>>
>>
>> Anyway, even when I ran the code posted by "David Hancock" in the
post
> above
>> I only got a "None" for the username in the error_log file.  I am
> sending
>> this in the URL:
>>
>> "http://localhost/python/mptest"
>>
>>
>>
>> Here is the test setup as it applies to me(basically unchanged).
>>
>>
>>
>> ******mptest.py*******
>>
>> from mod_python import apache
>>
>>
>>
>> def handler(req):
>>
>>         req.content_type = 'text/plain'
>>
>>         req.send_http_header()
>>
>>         req.write("Hello, world!")
>>
>>         return apache.OK
>>
>>
>>
>> def authenhandler(req):
>>
>>         user = req.user
>>
>>         pw = req.get_basic_auth_pw()
>>
>>         req.log_error(str(user) + ' ' + str(pw))
>>
>>         if user == "fred" and pw == "secret":
>>
>>                 return apache.OK
>>
>>         else:
>>
>>                 return apache.HTTP_UNAUTHORIZED
>>
>> *******mptest.py******
>>
>>
>>
>> *******httpd.conf******
>>
>> <Directory "/var/www/html/python">
>>
>>     AddHandler python-program .py
>>
>>     PythonHandler mptest
>>
>>     PythonAuthenHandler mptest
>>
>>     AuthType Basic
>>
>>     AuthName "mod_python restricted area"
>>
>>     require valid-user
>>
>>     PythonDebug On
>>
>> </Directory>
>>
>> ******httpd.conf*******
>>
>>
>>
>> *******error_log*******
>>
>> [Mon Feb 09 17:10:04 2009] [error] [client 127.0.0.1] None secret
>>
>> *******error_log*******
>>
>>
>>
>> After attempting to login I get a 401 page and then I am asked to
> login
>> again.
>>
>>
>>
>> Any help would be greatly appreciated!
>>
>>
>>
>> Thank you,
>>
>> Mitesh
>>
>>
>>
>> _______________________________________________
>> Mod_python mailing list
>> Mod_python at modpython.org
>> http://mailman.modpython.org/mailman/listinfo/mod_python
>>
>>
>

More information about the Mod_python mailing list